#!/bin/bash
#Used to initialize the iptables rules
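# Builds a default-deny IPv4 ruleset in the filter table: INPUT and OUTPUT drop
# by default, then ICMP, loopback, established/related traffic, SSH (in and
# out) and outbound HTTP, HTTPS and DNS-over-UDP are accepted.
#
# Scope notes for whoever deploys this:
#   * No -t option is given, so only the filter table is flushed; nat, mangle
#     and raw keep whatever rules they had.
#   * The FORWARD policy is not set here and keeps its previous value.
#   * iptables handles IPv4 only; IPv6 rules (ip6tables) are not touched.

#DEFINE VARIABLES
HTTP_PORT=80
SECURE_HTTP_PORT=443
SSH_PORT=22
DNS_PORT=53
# NOTE(review): ALLOWED_IP is defined but no rule below references it, so the
# SSH INPUT rule accepts connections from any source address. If SSH was meant
# to be limited to this address, that rule needs a source match
# (-s "$ALLOWED_IP") -- confirm the intent before changing it.
ALLOWED_IP=192.168.149.132
IPTABLES=/sbin/iptables

# Stop before touching anything if the binary is missing, rather than printing
# one "command not found" per rule.
if [[ ! -x "$IPTABLES" ]]; then
  printf '%s: %s not found or not executable\n' "${0##*/}" "$IPTABLES" >&2
  exit 1
fi

# Set to 1 by ipt() when any iptables call fails.
rc=0

# Run one iptables command. A failure is reported on stderr and remembered in
# rc, but the script keeps going: aborting half-way would leave the DROP
# policies in place without the ACCEPT rules that follow.
ipt() {
  "$IPTABLES" "$@" || {
    printf '%s: failed: %s %s\n' "${0##*/}" "$IPTABLES" "$*" >&2
    rc=1
  }
}

#FLUSH IPTABLES
ipt -F
ipt -X

#DEFINE DEFAULT ACTION
# From here until the ESTABLISHED,RELATED rules are loaded, existing sessions
# (including an SSH session running this script) have their packets dropped.
ipt -P INPUT DROP
ipt -P OUTPUT DROP

#DEFINE INPUT/OUTPUT CHAINS
# Every ICMP type is accepted in both directions.
ipt -A INPUT  -p icmp --icmp-type any -j ACCEPT
ipt -A OUTPUT -p icmp --icmp-type any -j ACCEPT

# Loopback is matched by interface instead of "-s localhost -d localhost":
# the hostname form depends on name resolution at load time and matches on
# addresses alone, whichever interface the packet arrived on.
ipt -A INPUT  -i lo -j ACCEPT
ipt -A OUTPUT -o lo -j ACCEPT

# Replies and related flows for connections that another rule already allowed.
ipt -A INPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT
ipt -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# SSH: inbound from any source (see the ALLOWED_IP note above) and outbound to
# any destination.
ipt -A INPUT  -p tcp --dport "$SSH_PORT" -j ACCEPT
ipt -A OUTPUT -p tcp --dport "$SSH_PORT" -j ACCEPT

# Outbound web traffic. Only the HTTP rule is limited to NEW connections; the
# HTTPS rule matches every outbound packet to that port.
ipt -A OUTPUT -p tcp -m state --state NEW --dport "$HTTP_PORT" -j ACCEPT
ipt -A OUTPUT -p tcp --dport "$SECURE_HTTP_PORT" -j ACCEPT
# NOTE(review): DNS is allowed over UDP only; a resolver that retries over
# TCP/53 (e.g. after a truncated answer) would be blocked -- confirm whether
# that is intended.
ipt -A OUTPUT -p udp --dport "$DNS_PORT" -j ACCEPT

if [[ "$rc" -ne 0 ]]; then
  printf '%s: one or more iptables commands failed; the ruleset is incomplete\n' "${0##*/}" >&2
fi
# Leave the failure flag as the status of the last command without calling
# exit, so anything appended after this block still runs.
[[ "$rc" -eq 0 ]]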
